1. Application of this Policy

PredictiveHire Pty Ltd, PredictiveHire Limited and our related entities (“we”, “us” or “our”)  are committed to protecting personal data from being misused, getting into the wrong hands as a result of poor security or being shared carelessly, or being inaccurate.

This includes protecting the data that we collect and store for the purpose of providing an applicant prediction.

This Data Security Policy (“Policy”) sets out:

1.how we secure data and personal information that we use, collect and process in the course of making available the services provided or made available by ust (“Services”); and

1.the online platform managed by us and used by us to provide the Services (“Platform”).

For further information about the types of information we collect and how we collect, hold, use and disclose your information, please refer to the PredictiveHire Privacy Policy

We may vary this Policy at any time by placing a notice on our website available at www.predictivehire.com . If you access the SaaS Platform and/or use the Services, your access and/or use will constitute acceptance of the terms of this Policy.



2. Policy objectives

Our data security features, practices and procedures  are designed to prevent the misuse, loss or unauthorised access of data and personal information and to detect and respond to any data security breaches in a timely and appropriate manner.



3. Technology security

PredictiveHire has extensive security features and procedures relating to its technology usage:


4. Physical security

Physical security measures at the PredictiveHire offices include:

The PredictiveHire Platform is hosted on Amazon Web Services (AWS) Infrastructure. AWS  manage the physical security of their buildings, they employ  industry standard protections. More information from AWS can be found here.



5. Platform security and operations

PredictiveHire maintains and continues to update its protections to prevent misuse, interference, loss, unauthorised access, modification and disclosure of the data stored on the Platform or used in the Services.

PredictiveHire utilise  a multi-tenant Platform which means your data it will be virtually separated from other partner data. If this is is not sufficient then we can discuss alternative options.

All data stored on the PredictiveHire Platform is encrypted and access to PredictiveHire infrastructure is tightly controlled via the engineering team.

PredictiveHire monitors the operations and effectiveness of its online Platform security to ensure they remain responsive to changing threats and vulnerabilities. As part of this threat assessment we conduct regular 3rd party penetration testing of the PredictiveHire Platform.

Key metrics of production systems and the operational health of the PredictiveHire  Platform is monitored 24×7 and tiered with on-call teams and escalation procedures. These metrics cover networks, backups, uptime and security points, as well as product specific data including integration availability, uptime and integrity.

PredictiveHire is aware that the Service and the Platform may be accessed via different mechanisms including smartphones, tablets, laptops, server to server and through different networks. We are aware that this increased accessibility also increases security risks and we have in place a number of security features to protect security of our data in all these circumstances including the encryption of all data transferred over open networks.



6. Infrastructure Access

We restrict access to all PredictiveHire  infrastructure  to only those employees with a need to access.  All infrastructure is  protected via a VPN and PredictiveHire employs role-based permissioning.



7. Customer and third party access

Any data transferred by us with, or between, third parties is either by email, FTP or other mechanisms is  encrypted.

We have access control policies in place to prevent data being inadvertently or otherwise accessed by, or transferred to, third parties. PredictiveHire  requires that all of our third party vendors abide by our confidentiality and security measures, and obey similar controls.

All customer passwords associated with user accounts to the Platform are stored encrypted and hashed.



8. Data breaches

We have a comprehensive data breach and recovery plan, which is managed directly by our CEO.

PredictiveHire  will advise all relevant third parties of any security or data breach in accordance with applicable legal requirements.

We  may share a high level summary of the incident timeline, data impact and resolution taken once confidence has formed around scope, impact and resolution.



9. Destruction and de-identification measures

Data is only collected via or stored on the PredictiveHire Platform in order to provide a prediction for a job vacancy.  Personal information will be maintained for future applications. At anytime an applicant can request that their personal data is updated (made correct) or removed from the Platform.

PredictiveHire uses a Pseudonymization approach so as to maintain the integrity of its prediction models. This means all personal information will be removed from an assessment.

Assessment results and associated performance data will be maintained without any association to an individual, the handling / destruction of this data will be noted in your contract with PredictiveHire. No personally identifiable data is stored within our prediction models.



10. Governance, culture and training

All of our employees are required, from time to time, to undertake data security policy and procedures training to a level which is appropriate for their position.

In addition engineers  are also trained on security paradigms such as OWASP which are integrated into our day to day operations.



11. Questions

If you have any questions or concerns about this Policy or the security of your personal information, please contact our Privacy Officer via support@predictivehire.com.

Get our insights newsletter to stay in the loop on how we are evolving PredictiveHire